"TPM based attestation - how can we use it for good?" - Matthew Garrett (LCA 2020)
Вставка
- Опубліковано 11 вер 2024
- Matthew Garrett
lca2020.linux....
Systems with a Trusted Platform Module generate a cryptographically verifiable event log of every component of the boot process. They can then provide a signed quote of this log in order to prove to a remote site that they booted the expected software. In the early 2000s we were concerned about that resulting in websites that would refuse to grant you access unless you were running an unmodified proprietary operating system, but for various reasons that turned out to not be a problem in the real world. Some years later, how can we use this attestation data for the power of good?
This presentation will describe the functionality of TPMs and how the event log is generated, and describe techniques for making use of TPMs to protect access to network resources, solve the problem of trusting SSH host keys in enterprise environments and make it easier for people to recover their systems while on the road. It will include demonstrations of using newly released open source software to build novel attestation solutions for protecting end users without giving up privacy or control.
linux.conf.au is a conference about the Linux operating system, and all aspects of the thriving ecosystem of Free and Open Source Software that has grown up around it. Run since 1999, in a different Australian or New Zealand city each year, by a team of local volunteers, LCA invites more than 500 people to learn from the people who shape the future of Open Source. For more information on the conference see linux.conf.au/
Produced by NDV: / @nextdayvideo
#linux.conf.au #linux #foss #opensource
Fri Jan 17 10:45:00 2020 at Arena
